Fraunhofer-AISEC · maximiliankaul · Feb 17, 2025 · Feb 18, 2025 · Feb 18, 2025 · Feb 18, 2025
@@ -35,8 +35,8 @@ import de.fraunhofer.aisec.cpg.graph.concepts.Operation
  * @return A set containing all [Concept] nodes found in the overlays of the [Node] and its
  *   children.
  */
-val Node.conceptNodes: Set<Concept<*>>
-    get() = this.nodes.flatMapTo(mutableSetOf()) { it.overlays.filterIsInstance<Concept<*>>() }
+val Node.conceptNodes: Set<Concept>
+    get() = this.nodes.flatMapTo(mutableSetOf()) { it.overlays.filterIsInstance<Concept>() }
 
 /**
  * Retrieves a set of all [Operation] nodes associated with this [Node] and its AST children

@@ -33,11 +33,11 @@ import de.fraunhofer.aisec.cpg.graph.OverlayNode
  * logging, files, databases. The relevant operations on this concept are modeled as [Operation]s
  * and stored in [ops].
  */
-abstract class Concept<T : Operation>(underlyingNode: Node) : OverlayNode() {
+abstract class Concept(underlyingNode: Node) : OverlayNode() {
     init {
         this.underlyingNode = underlyingNode
     }
 
     /** All [Operation]s belonging to this concept. */
-    val ops: MutableSet<T> = mutableSetOf()
+    val ops: MutableSet<Operation> = mutableSetOf()
 }
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2024, Fraunhofer AISEC. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *                    $$$$$$\  $$$$$$$\   $$$$$$\
+ *                   $$  __$$\ $$  __$$\ $$  __$$\
+ *                   $$ /  \__|$$ |  $$ |$$ /  \__|
+ *                   $$ |      $$$$$$$  |$$ |$$$$\
+ *                   $$ |      $$  ____/ $$ |\_$$ |
+ *                   $$ |  $$\ $$ |      $$ |  $$ |
+ *                   \$$$$$   |$$ |      \$$$$$   |
+ *                    \______/ \__|       \______/
+ *
+ */
+package de.fraunhofer.aisec.cpg.graph.concepts
+
+import de.fraunhofer.aisec.cpg.graph.Node
+import de.fraunhofer.aisec.cpg.graph.OverlayNode
+
+/**
+ * Represents a reference to a [Concept]. This is similar to the standard
+ * [de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference] idea.
+ *
+ * @param concept The referenced [Concept]
+ */
+class ConceptReference<T : Concept>(underlyingNode: Node, val concept: T?) : OverlayNode() {
+    init {
+        this.underlyingNode = underlyingNode
+    }
+}
@@ -35,7 +35,7 @@ import de.fraunhofer.aisec.cpg.graph.OverlayNode
 abstract class Operation(
     underlyingNode: Node,
     /** The [Concept] this operation belongs to. */
-    open val concept: Concept<*>,
+    open val concept: Concept,
 ) : OverlayNode() {
     init {
         this.underlyingNode = underlyingNode

@@ -30,4 +30,4 @@
 
 /** Represents a block device. E.g. a hard disk. */
 class BlockStorage(underlyingNode: Node) :
-    Concept<BlockStorageOperation>(underlyingNode = underlyingNode), IsDiskEncryption
+    Concept(underlyingNode = underlyingNode), IsDiskEncryption
@@ -29,8 +29,7 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.concepts.Concept
 
 /** Represents a cipher suite. E.g. `AES-XTS-plain64` */
-class Cipher(underlyingNode: Node) :
-    Concept<CipherOperation>(underlyingNode = underlyingNode), IsDiskEncryption {
+class Cipher(underlyingNode: Node) : Concept(underlyingNode = underlyingNode), IsDiskEncryption {
     /** A string representing the cipher used, e.g. `AES-XTS-plain64`. */
     var cipherName: String? = null
 

@@ -27,16 +27,17 @@
 
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.concepts.Concept
+import de.fraunhofer.aisec.cpg.graph.concepts.ConceptReference
 
 /** This concept represents an encrypted disk. */
 class DiskEncryption(underlyingNode: Node) :
-    Concept<DiskEncryptionOperation>(underlyingNode = underlyingNode), IsDiskEncryption {
+    Concept(underlyingNode = underlyingNode), IsDiskEncryption {
     /** The encryption target, i.e. the disk */
-    var target: BlockStorage? = null
+    var target: ConceptReference<BlockStorage>? = null
 
     /** The cipher suite used for disk encryption */
-    var cipher: Cipher? = null
+    var cipher: ConceptReference<Cipher>? = null
 
     /** The encryption key used for disk encryption */
-    var key: Secret? = null
+    var key: ConceptReference<Secret>? = null
 }
@@ -29,8 +29,7 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.concepts.Concept
 
 /** Represents a "secret key", e.g. used in hard disk encryption. */
-class Secret(underlyingNode: Node) :
-    Concept<SecretOperation>(underlyingNode = underlyingNode), IsDiskEncryption {
+class Secret(underlyingNode: Node) : Concept(underlyingNode = underlyingNode), IsDiskEncryption {
     /** Key size. */
     var keySize: Int? = null
 }
@@ -31,7 +31,7 @@
 
 /** Represents an [HttpClient]. */
 class HttpClient(underlyingNode: Node, val isTLS: Boolean) :
-    Concept<HttpClientOperation>(underlyingNode = underlyingNode)
+    Concept(underlyingNode = underlyingNode)
 
-abstract class HttpClientOperation(underlyingNode: Node, concept: Concept<HttpClientOperation>) :
+abstract class HttpClientOperation(underlyingNode: Node, concept: Concept) :
     Operation(underlyingNode = underlyingNode, concept = concept)
@@ -36,7 +36,7 @@
     val path: String,
     val arguments: List<Node>,
     val supportedAuthentications: MutableList<String>,
-) : Concept<HttpEndpointOperation>(underlyingNode = underlyingNode)
+) : Concept(underlyingNode = underlyingNode)
 
 enum class HttpMethod {
     GET,
@@ -50,7 +50,5 @@
     DELETE,
 }
 
-abstract class HttpEndpointOperation(
-    underlyingNode: Node,
-    concept: Concept<HttpEndpointOperation>,
-) : Operation(underlyingNode, concept)
+abstract class HttpEndpointOperation(underlyingNode: Node, concept: Concept) :
+    Operation(underlyingNode, concept)
@@ -34,17 +34,12 @@
     underlyingNode: Node,
     val basePath: String,
     val endpoints: MutableList<HttpEndpoint>,
-) : Concept<HttpRequestHandlerOperation>(underlyingNode = underlyingNode)
+) : Concept(underlyingNode = underlyingNode)
 
 /** Base class for Http operations. */
-abstract class HttpRequestHandlerOperation(
-    underlyingNode: Node,
-    concept: Concept<HttpRequestHandlerOperation>,
-) : Operation(underlyingNode, concept) {}
+abstract class HttpRequestHandlerOperation(underlyingNode: Node, concept: Concept) :
+    Operation(underlyingNode, concept) {}
 
 /** Registers an [HttpEndpoint]. */
-class RegisterHttpEndpoint(
-    underlyingNode: Node,
-    concept: Concept<HttpRequestHandlerOperation>,
-    val httpEndpoint: HttpEndpoint,
-) : HttpRequestHandlerOperation(underlyingNode, concept)
+class RegisterHttpEndpoint(underlyingNode: Node, concept: Concept, val httpEndpoint: HttpEndpoint) :
+    HttpRequestHandlerOperation(underlyingNode, concept)
@@ -52,13 +52,13 @@ enum class MemoryManagementMode {
  * @param mode The memory management mode of the memory concept.
  */
 class Memory(underlyingNode: Node, mode: MemoryManagementMode) :
-    Concept<MemoryOperation>(underlyingNode = underlyingNode), IsMemory
+    Concept(underlyingNode = underlyingNode), IsMemory
 
 /** A common interface for the "memory" sub-graph. */
 interface IsMemory
 
 /** A common abstract class for memory operations. */
-abstract class MemoryOperation(underlyingNode: Node, concept: Concept<MemoryOperation>) :
+abstract class MemoryOperation(underlyingNode: Node, concept: Concept) :
     Operation(underlyingNode = underlyingNode, concept = concept), IsMemory
 
 /**
@@ -67,7 +67,7 @@ abstract class MemoryOperation(underlyingNode: Node, concept: Concept<MemoryOper
  */
 class Allocate(
     underlyingNode: Node,
-    concept: Concept<MemoryOperation>,
+    concept: Concept,
     /** A reference to [what] is allocated, e.g., a variable. */
     var what: Node?,
 ) : MemoryOperation(underlyingNode = underlyingNode, concept = concept)
@@ -78,7 +78,7 @@ class Allocate(
  */
 class DeAllocate(
     underlyingNode: Node,
-    concept: Concept<MemoryOperation>,
+    concept: Concept,
     /** A reference to [what] is de-allocated, e.g., a variable. */
     var what: Node?,
 ) : MemoryOperation(underlyingNode = underlyingNode, concept = concept)
@@ -71,17 +71,15 @@ class Neo4JTest {
         val connectCall = result.calls["connect"]
         assertNotNull(connectCall)
 
-        abstract class NetworkingOperation(underlyingNode: Node, concept: Concept<out Operation>) :
+        abstract class NetworkingOperation(underlyingNode: Node, concept: Concept) :
             Operation(underlyingNode = underlyingNode, concept = concept)
-        class Connect(underlyingNode: Node, concept: Concept<out Operation>) :
+        class Connect(underlyingNode: Node, concept: Concept) :
             NetworkingOperation(underlyingNode = underlyingNode, concept = concept)
-        class Networking(underlyingNode: Node) :
-            Concept<NetworkingOperation>(underlyingNode = underlyingNode)
+        class Networking(underlyingNode: Node) : Concept(underlyingNode = underlyingNode)
 
-        abstract class FileOperation(underlyingNode: Node, concept: Concept<out Operation>) :
+        abstract class FileOperation(underlyingNode: Node, concept: Concept) :
             Operation(underlyingNode = underlyingNode, concept = concept)
-        class FileHandling(underlyingNode: Node) :
-            Concept<FileOperation>(underlyingNode = underlyingNode)
+        class FileHandling(underlyingNode: Node) : Concept(underlyingNode = underlyingNode)
 
         val nw = Networking(underlyingNode = tu)
         nw.name = Name("Networking")